In the world of technology, computer networks have increased the efficiency and speed of systems, and the Internet Protocol (IP) has made it possible for computers across the globe to communicate easily. Learn how these advantages can help you and how networking and the Internet are used in Red Hat Linux.

The communications facilities linking computers are continually improving, allowing faster and more economical connections. The earliest computers were unconnected stand-alone machines. To transfer information from one system to another, you had to store it in some form (usually magnetic tape, paper tape, or punch cards, called IBM or Hollerith cards), carry it to a compatible system, and read it back in. A notable advance occurred when computers began to exchange data over serial lines, although the transfer rate was slow (hundreds of bits per second). People quickly invented new ways to take advantage of this computing power, such as e-mail, news retrieval, and bulletin board services. With the speed of today's networks, it is normal for a piece of e-mail to cross the country or even travel halfway around the world in a few seconds.

It would be difficult to find a computer facility that does not include a LAN to link the systems. GNU/Linux systems are typically attached to an Ethernet (page 1466) network. Wireless networks are becoming prevalent as well. Large computer facilities usually maintain several networks, often of different types, and almost certainly have connections to larger networks (company- or campuswide and beyond).

The Internet is a loosely administered network of networks (an internetwork) that links computers on diverse LANs around the globe. An internet (small i) is a generic network of networks that may share some parts in common with the public Internet. It is the Internet that makes it possible to send an e-mail message to a colleague thousands of miles away and receive a reply within minutes. A related term, intranet, refers to the networking infrastructure within a company or other institution. Intranets are usually private; access to them from external networks may be limited and carefully controlled, typically using firewalls (page 358).

Over the past decade many network services have emerged and become standard. On GNU/Linux systems, as on UNIX computers, special processes called daemons (page 1463) support such services by exchanging specialized messages with other systems over the network. Several software systems have been created to allow computers to share their filesystems with one another, making it appear as though remote files are stored on local disks. Sharing remote filesystems allows users to share information without knowing where the files physically reside, without making unnecessary copies, and without learning a new set of utilities to manipulate them. Because the files appear to be stored locally, you can use standard utilities (such as cat, vi, lpr, mv, or their graphical counterparts) to work with them.

Developers have been creating new tools and extending existing ones to take advantage of higher network speeds and work within more crowded networks. The rlogin, rsh, and telnet utilities, designed long ago, have largely been supplanted by ssh (secure shell, page 374). The ssh utility allows a user to log in on or execute commands securely on a remote computer. Users rely on such utilities as scp and ftp to transfer files from one system to another across the network; ftp sends the password and the data in the clear, so scp (or sftp, which also runs over ssh) is the right choice wherever either matters. Communication utilities, including e-mail utilities, and chat programs, such as talk, Internet Relay Chat (IRC), ICQ, and AOL Instant Messenger (AIM), have become so prevalent that many people with very little computer experience use them on a daily basis to keep in touch with friends and family.

An intranet is a network that connects computing resources at a school, company, or other organization but, unlike the Internet, typically restricts access to internal users. An intranet is very similar to a LAN but is based on Internet technology. An intranet can provide database, e-mail, and Web page access to a limited group of people, regardless of their geographic location.

The fact that an intranet is able to connect dissimilar machines is one of its strengths. Think of all the machines that are on the Internet: Macs, PCs running different versions of MS Windows, various machines running UNIX and GNU/Linux, and so on. Each of these machines can communicate via IP (page 360), a common protocol. So it is with an intranet: Different machines can all talk to one another.

Another key difference between the Internet and an intranet is that the Internet will transmit only one protocol suite: the IP protocol suite. An intranet can be set up to use a number of protocols, such as IP, IPX, Appletalk, DECnet, XNS, or various other protocols developed by vendors over the years. Although these protocols cannot be transmitted directly over the Internet, you can set up special gateway boxes at remote sites that tunnel or encapsulate these protocols into IP packets in order to use the Internet to pass them.

You can use an extranet (or partner net) to improve your security. A closely related term is virtual private network (VPN). These terms describe ways to connect remote sites securely to a local site, typically by using the public Internet as a carrier and using encryption as a means of protecting data in transit.

As with the Internet, the communications potential of intranets is boundless. You can set up a private chat between people at remote locations, access a company database, see what is new at school, or read about the new university president. Companies that developed products for use on the Internet are investing more and more time and money developing intranet software applications as the intranet market explodes. Following are some words you may want to become familiar with before you read the rest of this chapter. Refer to Appendix G on page 1453 for definitions.

ASP, bridge, extranet, firewall, gateway, hub, internet, Internet, intranet, ISP, packet, router, sneakernet, switch, VPN

Types of Networks and How They Work

Computers communicate over networks by using unique addresses assigned by system software. A computer message, called a packet, frame, or datagram, includes the address of the destination computer and the sender's return address. The three most common types of networks are broadcast, point-to-point, and switched. Once popular token-based networks (such as FDDI and Token Ring) are rarely seen anymore.

Speed is important to the proper functioning of the Internet. Category 5e cable supports 1000BaseT (1 gigabit per second, called gigabit Ethernet, or GigE), and newer specifications (cat 6 and cat 7) are being standardized for 10-gigabit and faster networking. Some of the networks that form the backbone of the Internet run at speeds up to almost 10 gigabits per second (OC192) to accommodate the ever-increasing demand for network services. Table 9-1 lists some of the common specifications in use today.

Table 9-1. Common line speeds

Specification   Speed
DS0             64 kilobits per second
ISDN            Two DS0 lines (128 kilobits per second) plus a 16-kilobit-per-second signaling channel
T-1             1.544 megabits per second (24 DS0 lines)
T-3             44.736 megabits per second (28 T-1s)
OC3             155 megabits per second (about 100 T-1s)
OC12            622 megabits per second (4 OC3s)
OC48            2.5 gigabits per second (4 OC12s)
OC192           About 10 gigabits per second (4 OC48s)

Broadcast

On a broadcast network, such as Ethernet, any of the many systems attached to the network cable can send a message at any time; each system examines the address in each message and responds only to messages addressed to it. A problem occurs on a broadcast network when multiple systems send data at the same time, resulting in a collision of the messages on the cable. When messages collide, they can become garbled. The sending system notices the garbled message and resends it after waiting a short but random amount of time. Waiting a random amount of time helps prevent those same systems from resending the data at the same moment and experiencing another collision. The extra traffic that results from collisions can put quite a load on the network; if the collision rate gets too high, the retransmissions result in more collisions, and the network becomes unusable. A broadcast network also offers no privacy between the machines on it: every system receives every frame, and one that chooses not to ignore traffic addressed to others can read it (see "Host Address," later in this chapter).

Point-to-Point

A point-to-point link does not seem like much of a network at all because only two endpoints are involved. However, most connections to WANs are through point-to-point links, using wire cable, radio, or satellite links. The advantage of a point-to-point link is that because only two systems are involved, the traffic on the link is limited and well understood. A disadvantage is that each system can typically be equipped for a small number of such links, and it is impractical and costly to establish point-to-point links that connect each computer to all the rest.

Point-to-point links often use serial lines and modems but can use personal computer parallel ports for faster links between GNU/Linux systems. The use of a modem with a point-to-point link allows an isolated system to connect inexpensively into a larger network.

The most common types of point-to-point links are the ones used to connect to the Internet. When you use DSL (digital subscriber line), you are using a point-to-point link to connect to the Internet. Serial lines, such as T-1, T-3, ATM links, and ISDN, are all point to point. Although it might seem like a point-to-point link, a cable modem is based on broadcast technology and in that way is similar to Ethernet.

Switched

A switch is a device that establishes a virtual path between source and destination hosts such that each path appears to be a point-to-point link, much like a railroad roundhouse. The telephone network is a giant switched network. The switch brings up and tears down virtual paths as hosts need to communicate with each other. Each host thinks that it has a direct point-to-point path to the host it is talking to. Contrast this with a broadcast network, where each host also sees traffic bound for other hosts. The advantage of a switched network over a pure point-to-point network is that each host requires only one connection: the connection to the switch. Using pure point-to-point connections, each host must have a connection to every other host. Scalability is provided by further linking switches.

LAN: Local Area Network

Local area networks (LANs) are confined to a relatively small area: a single computer facility, building, or campus. Today most LANs run over copper or fiber-optic cable, but other, wireless technologies, such as infrared (similar to most television remote control devices) and radio wave, are becoming more popular.

If its destination address is not on the local network, a packet must be passed on to another network by a router (page 357). A router may be a general-purpose computer or a special-purpose device attached to multiple networks to act as a gateway among them.

Ethernet

A GNU/Linux system connected to a LAN usually connects to the network by using Ethernet. A typical Ethernet connection can support data transfer rates from 10 megabits per second to 1 gigabit per second, with speed enhancements planned. Owing to computer load, competing network traffic, and network overhead, file transfer rates on an Ethernet are always slower than the maximum, theoretical transfer rate.

An Ethernet network transfers data by using copper or fiber-optic (glass) cable or wireless transmitters and receivers. Originally each computer was attached to a thick coaxial cable (called thicknet) at tap points spaced at six-foot intervals along the cable. The thick cable was awkward to deal with, so other solutions, including a thinner coaxial cable known as thinnet, or 10Base2, were developed. Today most Ethernet connections are either wireless or made over unshielded twisted pair (referred to as UTP; graded Category 3 (cat 3), Category 5 (cat 5), or Category 5e (cat 5e); and used for 10BaseT, 100BaseT, and 1000BaseT) wire, similar to the type of wire used for telephone lines and serial data communications.

A switched Ethernet network is a special case of a broadcast network that works with a network switch, or just switch, which is a special class of hub that has intelligence. Instead of a dumb repeater (hub) that broadcasts every packet it receives out of every port, a switch learns, from the source address of each frame it sees, which devices are connected to which of its ports. A switch then sends traffic only to the port of the machine the traffic is intended for; a frame addressed to a device it has not yet learned, or to the broadcast address, still goes out every port. A switch also has buffers for holding and queuing packets. This filtering is a performance feature rather than a security boundary: the switch trusts the source addresses it learns from, and its forwarding table has a finite size.

Some Ethernet switches have enough bandwidth to communicate simultaneously, in full-duplex mode, with all the devices that are connected to them. A nonswitched (hub-based) broadcast network can run in only half-duplex mode. Full-duplex Ethernet further improves things by eliminating collisions. Each host can transmit and receive simultaneously at 10/100/1000 megabits per second for an effective bandwidth between hosts of 20/200/2000 megabits per second, depending on the capacity of the switch.
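The learning behavior described above, simulated in Python as an added example (this is not code from the book and not any real switch's firmware; the MAC addresses, port numbers, and four-entry table size are assumptions made for illustration):

```python
# Added example, not code from the book: a simulated learning Ethernet
# switch. It shows why a switch delivers most traffic only to the intended
# port and, just as importantly, when it cannot: an unknown or broadcast
# destination is flooded to every other port, and the forwarding table
# (CAM table) has finite capacity. MAC addresses and the table size below
# are constructed values.

BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    def __init__(self, ports, table_size=4):
        self.ports = list(ports)
        self.table_size = table_size   # assumed capacity; real switches hold thousands
        self.table = {}                # learned MAC address -> port
        self.order = []                # insertion order, used for eviction

    def learn(self, mac, port):
        """Record (or refresh) the port a source MAC address was last seen on."""
        if mac in self.table:
            self.table[mac] = port     # a host may move; the newest sighting wins
            return
        if len(self.table) >= self.table_size:
            oldest = self.order.pop(0) # table full: evict the oldest entry
            del self.table[oldest]
        self.table[mac] = port
        self.order.append(mac)

    def forward(self, in_port, src, dst):
        """Return the list of ports the frame is sent out of."""
        self.learn(src, in_port)
        if dst != BROADCAST and dst in self.table:
            out = self.table[dst]
            # destination sits on the port the frame arrived on: nothing to send
            return [] if out == in_port else [out]
        # unknown or broadcast destination: flood like a hub, except the ingress port
        return [p for p in self.ports if p != in_port]


def demo():
    """Normal learning, then what happens when the table fills with bogus sources."""
    sw = LearningSwitch(ports=[1, 2, 3, 4])
    host_a = "00:00:00:00:00:0a"   # constructed addresses
    host_b = "00:00:00:00:00:0b"
    host_c = "00:00:00:00:00:0c"

    first = sw.forward(1, host_a, host_b)    # B not yet learned: flooded to 2, 3, 4
    reply = sw.forward(2, host_b, host_a)    # A was learned on port 1: sent to 1 only
    second = sw.forward(1, host_a, host_b)   # both known: sent to 2 only

    # A machine on port 3 sends frames from many made-up source addresses.
    # Each one is "learned", and the bounded table evicts the entries for A and B.
    for i in range(10):
        sw.forward(3, f"de:ad:be:ef:00:{i:02x}", host_c)

    after = sw.forward(1, host_a, host_b)    # B unknown again: flooded, port 3 sees it
    return first, reply, second, after


if __name__ == "__main__":
    print(demo())
```

The last step in demo() is why a switch is not a security boundary: a host that sends frames from enough made-up source addresses pushes the legitimate entries out of a finite table, and traffic it should never have seen is flooded to its port. Switches that offer it should have a per-port limit on learned addresses (often called port security) turned on.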

Wireless

Wireless networks are becoming increasingly common. They are used in offices, homes, and public places, such as universities and airports. Wireless access points provide functionality similar to an Ethernet hub. They allow multiple users to interact, using a common radio frequency spectrum. As with a hub, every station in range receives every frame, so a wireless LAN depends on link-layer authentication and encryption for the separation a cable provides physically. A wireless, point-to-point connection allows you to wander about your home or office with your laptop, using an antenna to link to a LAN or to the Internet via an in-house base station. GNU/Linux has drivers for many of the common wireless boards. A wireless access point connects a wireless network to a wired network so that no special protocol is required for a wireless connection. Refer to the Linux Wireless LAN HOWTO and www.hpl.hp.com/personal/Jean_Tourrilhes/Linux.

WAN: Wide Area Network

A wide area network (WAN) covers a large geographic area. The technologies (such as Ethernet) used for LANs were designed to work over limited distances and for a certain number of host connections. A WAN may span long distances over dedicated data lines (leased from a telephone company) or radio or satellite links. WANs are often used to interconnect LANs. Major Internet service providers rely on WANs to connect to customers within a country and around the globe.

Some networks do not fit into either the LAN or the WAN designation: A MAN (metropolitan area network) is one that is contained in a smaller geographic area, such as a city. Like WANs, MANs are typically used to interconnect LANs.

Internetworking through Gateways and Routers

A LAN connects to a WAN through a gateway, a generic term for a computer or a special device with multiple network connections that passes data from one network to another. The purpose of the gateway is to convert the data traffic from the format used on the LAN to that used on the WAN. Data that crosses the country from one Ethernet to another over a WAN, for example, is repackaged from the Ethernet format to a different format that can be processed by the communications equipment that makes up the WAN backbone. When it reaches the end of its journey over the WAN, the data is converted by another gateway to the format appropriate for the receiving network. For the most part these details are of concern only to the network administrators; the end user does not need to know anything about how the data transfer is carried out.

A router is the most common form of a gateway. Routers play an important role in internetworking. Just as you might study a map to plan your route when you need to drive to an unfamiliar place, a computer needs to know how to deliver a message to a system attached to a distant network by passing through intermediary systems and networks along the way. You can imagine using a giant network road map to choose the route that your data should follow, but a static map of computer routes is usually a poor choice for a large data network. Computers and networks along the route you choose may be overloaded or down, without providing a detour for your message.

Routers communicate with one another dynamically, keeping one another informed about which routes are open for use. To extend the analogy, this would be like heading out on a car trip without consulting a map to find a route to your destination; instead you head for a nearby gas station and ask directions. Throughout the journey, you would continue to stop at one gas station after another, getting directions at each to find the next one. Although it would take a while to make the stops, each gas station would advise you of bad traffic, closed roads, alternative routes, and shortcuts.

The stops the data makes are much quicker than those you would make in your car, but each message leaves each router on a path chosen based on the most current information. Think of it as a GPS (global positioning system) setup that automatically gets updates at each intersection and tells you where to go next, based on traffic and highway conditions.

Figure 9-1 shows an example of how LANs might be set up at three sites interconnected by a WAN (the Internet). In network diagrams such as this, Ethernet LANs are drawn as straight lines, with devices attached at right angles; WANs are represented as clouds, indicating that the details have been left out; wireless connections are drawn as zigzag lines with breaks, indicating that the connection may be intermittent.

In Figure 9-1 a gateway or a router relays messages between each LAN and the Internet. Three of the routers in the Internet are shown (for example, the one closest to each site). Site A has a server, a workstation, a network computer, and a PC sharing a single Ethernet LAN. Site B has an Ethernet LAN that serves a printer and four GNU/Linux workstations. A firewall permits only certain traffic between the Internet router and the site's local router. Site C has three LANs linked by a single router, perhaps to reduce the traffic load that would result if they were combined or to keep workgroups or locations on separate networks. Site C includes a wireless access point that enables wireless communication with nearby computers.

Firewall

A firewall in a car separates the engine compartment from the passenger compartment, protecting the driver and passengers from engine fires, noise, and fumes. Computer firewalls separate computers from malicious and unwanted users.

A firewall prevents certain types of traffic from entering or leaving a network. A firewall might prevent traffic from your IP address from leaving the network and prevent anyone except users from select domains from using ftp to retrieve data from the network. The implementations of firewalls vary widely, from GNU/Linux machines with two interfaces (page 1473) running custom software to a router (page 1490) with simple access lists to esoteric, vendor-supplied firewall appliances. Most larger installations have at least one kind of firewall in place. A firewall is often accompanied by a proxy server/gateway (page 397) to provide an intermediate point between you and the host you are communicating with.

In addition to those found in multipurpose computers, firewalls are becoming increasingly common in consumer appliances. Firewalls are built into cable modems, wireless gateways, routers, and stand-alone devices.

When your need for privacy is critical, you can meet with a consulting firm that will discuss your security needs, devise a strategy, produce a written implementation policy, and design a firewall for you from scratch. Typically a single GNU/Linux machine can include a minimal firewall. A small group of GNU/Linux machines may have a cheap, slow GNU/Linux machine with two network interfaces and packet-filtering software functioning as a dedicated firewall. One of the interfaces connects to the Internet, modems, and other outside data sources, whereas the other connects, normally through a hub or switch, to the local network's machines. Refer to page 924 for information on setting up a firewall and to Appendix C for a discussion of security.

Network Protocols

To exchange information over a network, computers must communicate using a common language, or protocol (page 1486). The protocol determines the format of the message packets. The predominant network protocols used by GNU/Linux systems are TCP and IP, referred to together as TCP/IP (Transmission Control Protocol and Internet Protocol). Network services that need reliable, ordered delivery, such as ssh and scp, use TCP/IP. (Reliability here is a transport property, not a security one: the confidentiality and authentication ssh provides come from the ssh protocol itself, running above TCP.) Another protocol used for some system services is UDP (User Datagram Protocol). Network services that do not require guaranteed delivery, such as RealAudio and RealVideo, operate satisfactorily with the simpler UDP.

IP: Internet Protocol

Layering was introduced to facilitate protocol design: Layers distinguish functional differences between adjacent protocols. A grouping of layers can be standardized into a protocol model. IP is a protocol and has a corresponding model for what distinguishes protocol layers. The IP model differs from the ISO seven-layer protocol model (also called the OSI model) often illustrated in networking textbooks. IP uses a simplified five-layer model.

The first layer, called the physical layer, describes the physical medium (copper, fiber, wireless) and the data encoding used to transmit signals on that medium (pulses of light, electrical waves, or radio waves, for instance).

The second layer, called the data link layer, covers media access by network devices and describes how to put data into packets, transmit the data, and check it for errors. Ethernet is at this layer, as is 802.11 wireless.

The third layer, called the network layer, is where IP lives; it addresses and routes packets.

The fourth layer, called the transport layer, is where TCP and UDP exist. This layer provides a means for applications to communicate with each other. Functions a transport protocol may provide include guaranteed delivery, delivery of packets in the order of transmission, flow control, error detection (by checksum), and error recovery (by retransmission); TCP offers all of these, UDP only the checksum. The transport layer is responsible for dividing data streams into packets. This layer also performs port addressing, which allows it to distinguish among different services using the same transport protocol. Port addressing keeps the data from multiple applications using the same protocol (for example TCP) separate.

Anything above the transport layer is the domain of the application and is part of the fifth layer. Unlike the ISO model, the Internet model does not distinguish among application, presentation, and session layers. All the upper-layer characteristics, such as character encoding, encryption, GUI, and so on, are part of the application. Applications choose the transport characteristics they require and choose the corresponding transport layer protocol to send and receive data.

TCP: Transmission Control Protocol

TCP is most frequently run on top of IP in a combination referred to as TCP/IP. TCP provides error recovery and guaranteed delivery in transmission order and works with multiple ports so that it can handle more than one application. TCP is a connection-oriented protocol (page 1461), also known as a stream-based protocol. Once established, a TCP connection looks like a stream of data, not individual IP packets. The connection is assumed to remain up and be uniquely addressable. Every piece of information you write to the connection always goes to the same destination and arrives in the order it was sent. Because TCP is connection oriented and establishes what you can think of as a virtual circuit between two machines, TCP is not suitable for one-to-many transmissions (see UDP, following). TCP has built-in mechanisms for flow control (not overrunning the receiver) and congestion control (not overrunning the network) and throttles back, slowing the flow of data, when it has to retransmit dropped packets. TCP also handles acknowledgments, wide area links, high-delay links, and other situations.

UDP: User Datagram Protocol

UDP runs at layer 4 of the IP stack, just as TCP does, but is much simpler. Like TCP, UDP works with multiple ports and multiple applications and has a checksum for error detection, but it simply discards a packet that fails the checksum and never retransmits. UDP is a packet- (or datagram-) oriented protocol: Each packet must carry its own address and port information and is routed independently, one hop at a time, by each router along the way. Because there is no connection, nothing in UDP ties a datagram to an earlier exchange; a service that trusts the source address of a UDP packet is trusting a value the sender fills in. You can broadcast or multicast UDP packets to many destinations at the same time by using special addresses.

PPP: Point-to-Point Protocol

PPP provides serial line point-to-point connections that carry IP. PPP can compress data to make the most of the limited bandwidth available on serial connections. PPP, which replaces SLIP (Serial Line IP), is a layer 2 (data link) encapsulation that many network-layer protocols can ride on. PPP is used mostly for IP-based services and connections, such as TCP or UDP. For more information, refer to "Internet Configuration Wizard" on page 1023.

Xremote and LBX

Two protocols that speed up work over serial lines are Xremote and LBX. Xremote compresses the X Window System protocol so that it is more efficient over slower serial lines. LBX (low-bandwidth X) is based on the Xremote technology and is a part of the X Window System release X11R6.

Host Address

Each computer interface is identified by a unique address, or host number, on its network. A system that is attached to more than one network has multiple interfaces, one for each network and each with a unique address.

Each packet of information sent over a broadcast network carries a destination address. Every host on the network receives each packet and must look at the address to see whether the packet is addressed to it. If so, that host continues to process it. If not, the host ignores it. This filtering is done by the network interface and is a convenience, not a guarantee: an interface placed in promiscuous mode (as a packet sniffer such as tcpdump does) passes every frame up to the host, which is why any machine on a shared medium can read the traffic of the others.

The network address of a machine is an IP address, which is represented as one number broken into four segments separated by periods (for example, 192.168.184.5). Domain names and IP addresses are assigned through a highly distributed system coordinated by ICANN (Internet Corporation for Assigned Names and Numbers, www.icann.org) via many registrars (see www.internic.net). ICANN is funded by the various domain name registries and registrars and IP address registries, which supply globally unique identifiers for hosts and services on the Internet. Although you may not deal with any of these agencies directly, your Internet service provider does.

How a company uses IP addresses is determined by the system or network administrator. For example, the leftmost two sets of numbers in an IP address might represent a large network (campus- or companywide); the third set might specify a subnetwork (perhaps a department or single floor in a building); and the rightmost number, an individual computer. The operating system uses the address in a different, lower-level form, converting it to its binary equivalent, a series of 1s and 0s. See the following Optional section for more information. Refer to "private address space" on page 1486 in the Glossary for information about addresses you can use on your LAN without registering them.

Static versus Dynamic IP addresses

A static IP address is one that remains the same. A dynamic IP address is one that can change each time you connect to your ISP. A dynamic address remains the same during a single login session. Any server (mail, Web, and so on) must have a static address so that clients can find the machine that is the server. End user machines usually work well with dynamic addresses. During a given login session, they can function as a client (your Web browser, for example) because they have a constant IP address. When you log out and log in again, it does not matter that you have a new IP address, because your computer, acting as a client, establishes a new connection with a server. The advantage of dynamic addressing is that it allows inactive addresses to be reused, reducing the total number of IP addresses needed. Refer to "DHCP Client" on page 1028 for more information about dynamic IP addressing.

Optional

IP Classes

To facilitate routing on the Internet, IP addresses were originally divided into classes. Classes, labeled class A through class E, allow the Internet address space to be broken into blocks of small, medium, and large networks that are designed to be assigned based on the number of hosts within a network. Classful addressing has since been superseded on the Internet by classless interdomain routing (CIDR), in which a network is identified by its prefix and prefix length (131.204.27.0/24, for example) rather than by its class; the class bits are still the easiest way to understand the tables that follow.

When you need to send a message to an address outside your network, your system looks up the address block/class in its routing table and sends the message to the next router on the way to the final destination. Every router along the way does a similar lookup to forward the message. At the destination, local routers direct the message to the specific address. Without classes and blocks, your host would have to know every network and subnetwork address on the Internet before it could send a message. This would be impractical because of the number of addresses on the Internet.

Table 9-2. IP Classes

Class                Start bits   Network number range           Bits 0-7     Bits 8-15   Bits 16-23   Bits 24-31
Class A              0            1.0.0.0 to 126.0.0.0           0 netid      hostid      hostid       hostid
Class B              10           128.0.0.0 to 191.255.0.0       10 netid     netid       hostid       hostid
Class C              110          192.0.0.0 to 223.255.255.0     110 netid    netid       netid        hostid
Class D (Multicast)  1110         224.0.0.0 to 239.255.255.255   1110, then the multicast group address (no netid/hostid split)
Class E (Reserved)   1111         240.0.0.0 to 255.255.255.255   1111, reserved

Each of the four numbers in the IP address is in the range 0-255 because each segment of the IP address is represented by 8 bits (an octet), each bit capable of taking on two values; the total number of values is 2^8 = 256. When you start counting at 0, 1-256 becomes 0-255. Each IP address is divided into a net address (netid) portion (which is part of the class) and a host address (hostid) portion. See Table 9-2.

The first set of addresses, defining class A networks, is for extremely large corporations, such as General Electric (3.0.0.0) and Hewlett-Packard (15.0.0.0), or for ISPs. One start bit (0) in the first position designates a class A network, 7 bits hold the network portion of the address (netid), and 24 bits hold the host portion of the address (hostid, Table 9-2). This means that GE can have 2^24, or approximately 16 million, hosts on its network. Unused address space and subnets (page 1495) lower this number quite a bit. The 127.0.0.0 network is reserved for loopback (page 368), and several other blocks are reserved as well.

Two start bits (10) in the first two positions designate a class B network, 14 bits hold the network portion of the address (netid, 16,384 networks), and 16 bits hold the host portion of the address, for a potential total of 65,534 hosts (the all-zeros and all-ones host numbers are reserved). A class C network uses 3 start bits (110), 21 netid bits (about 2 million networks), and 8 hostid bits (254 hosts). Today a new large customer will not receive a class A or B network but is likely to receive a class C or several (usually contiguous) class C networks, if merited; with CIDR, what it actually receives is a prefix of whatever length fits its needs.

Several other classes of networks exist. Class D addresses are reserved for multicast (page 1480). When you run netstat -nr on your GNU/Linux system, you can see whether your machine has a multicast route. A 224.0.0.0 in the Destination column that netstat displays indicates a class D, multicast address (Table 9-2). A multicast is like a broadcast, but only hosts that subscribe to the multicast group receive the message. To use Web terminology, a broadcast is like a push. A host pushes a broadcast on the network, and every host on the network must check each packet to see whether it contains relevant data. A multicast is like a pull. A host will see a multicast only if it registers itself as subscribed to a multicast group or service and pulls the appropriate packets from the network.

Table 9-3 shows some of the computations for IP address 131.204.027.027. Each address is shown in decimal, hexadecimal, and binary. Binary is the easiest to work with for bitwise (binary) computations. The first three lines show the IP address. The next three lines show the subnet mask (page 1495) in three bases. Next, the IP address and the subnet mask are ANDed together bitwise to yield the subnet number (page 1495), which is shown in three bases. The last three lines show the broadcast address (page 1458), which is computed by taking the subnet number and turning the hostid bits to 1s. The subnet number is the name/number of your local network. The subnet number and the subnet mask determine what range the IP address of your machine must be in. They are also used by routers to segment traffic; see network segment (page 1482). A broadcast on this network goes to all hosts in the range 131.204.27.1 through 131.204.27.254 but will be acted on only by hosts that have a use for it.

Subnets

Each host on a network must process each broadcast to determine whether the information in the broadcast packet is useful to that host. If a lot of hosts are on a network, each host must process many packets. To maintain efficiency, most networks, particularly shared media networks, such as Ethernet, need to be split into subnetworks, or subnets.[9] The more hosts on a network, the more dramatically network performance is impacted. Organizations use router and switch technology called VLANs (virtual local area networks) to group similar hosts into broadcast domains (subnets) based on function. It's not uncommon to see a switch with different ports being part of different subnets.

Table 9-3. Computations for IP address 131.204.027.027

                          ------------- Class B ------------
                          netid               hostid
IP Address                131       .204      .027      .027        decimal
                          8C        CC        1B        1B          hexadecimal
                          1000 1100 1100 1100 0001 1011 0001 1011   binary
Subnet Mask               255       .255      .255      .000        decimal
                          FF        FF        FF        00          hexadecimal
                          1111 1111 1111 1111 1111 1111 0000 0000   binary
IP Address bitwise AND    1000 1100 1100 1100 0001 1011 0001 1011   binary
Subnet Mask               1111 1111 1111 1111 1111 1111 0000 0000   binary
= Subnet Number           1000 1100 1100 1100 0001 1011 0000 0000   binary
Subnet Number             131       .204      .027      .000        decimal
                          83        CC        1B        00          hexadecimal
                          1000 1100 1100 1100 0001 1011 0000 0000   binary
Broadcast Address         131       .204      .27       .255        decimal
(set host bits to 1)      83        CC        1B        FF          hexadecimal
                          1000 0011 1100 1100 0001 1011 1111 1111   binary

A subnet mask (or address mask) is a bit mask that identifies which parts of an IP address correspond to the network address and subnet portion of the address. This mask has 1s in positions corresponding to the network and subnet numbers and 0s in the host number positions. When you perform a bitwise AND on an IP address and a subnet mask (Table 9-3), the result is an address that contains everything but the host address (hostid) portion.

There are several ways to represent a subnet mask: A network could have a subnet mask of 255.255.255.0 (decimal), FFFFFF00 (hexadecimal), or /24 (the number of bits used for the subnet mask). If it were a class B network (of which 16 bits are already fixed), this yields 2^8 (24 total bits - 16 fixed bits = 8 bits, 2^8 = 256) networks[10] with 2^8 - 2 (256 - 2 = 254) hosts[11] on each network. If you do use a subnet mask, use netconfig to let the system know about it.

For example, when you divide the class C address 192.25.4.0 into eight subnets, you get a subnet mask of 255.255.255.224, FFFFFFE0, or /27 (27 1s). The eight resultant networks are 192.25.4.0, 192.25.4.32, 192.25.4.64, 192.25.4.96, 192.25.4.128, 192.25.4.160, 192.25.4.192, and 192.25.4.224. You can use a Web-based subnet mask calculator to calculate subnet masks (page 1401). To use this calculator to determine the preceding subnet mask, use an IP host address of 192.25.4.0. Go to www.telusplanet.net/public/sparkman/netcalc.htm for a nice subnet calculator.

CIDR: Classless Inter-Domain Routing

CIDR (pronounced cider) allows groups of addresses that are smaller than a class C block to be assigned to an organization or ISP and further subdivided and parceled out. In addition, it helps to alleviate the potential problem of routing tables on major Internet backbone and peering devices becoming too large to manage.

The pool of available IPv4 addresses has been depleted to the point that no one gets a class A address anymore. The trend is to reclaim these huge address blocks, if possible, and recycle them into groups of smaller addresses. Also, as more class C addresses are assigned, routing tables on the Internet are filling up and causing memory overflows. The solution is to aggregate[12] groups of addresses into blocks and allocate them to ISPs, which in turn subdivide these blocks and allocate them to customers. The address class designations (A, B, and C) described in the previous section are used less today, although subnets are still used. When you request an address block, your ISP usually gives as many addresses as you need and no more. The ISP aggregates several contiguous smaller blocks and routes them to your location. This aggregation is CIDR. Without CIDR, the Internet as we know it would not function.

For example, you might be allocated the 192.168.5.0/22 IP address block, which could support 2^10 hosts (32 - 22 = 10). Your ISP would set its routers so that any packets going to an address in that block would be sent to your network. Internally, your own routers might further subdivide this block of 1024 potential hosts into subnets, perhaps into four networks. Four networks require an additional two bits of addressing (2^2 = 4). You could set up your router to have four networks with this allocation: 192.168.5.0/24, 192.168.6.0/24, 192.168.7.0/24, and 192.168.8.0/24. Each of these networks could have 254 hosts. CIDR lets you arbitrarily divide networks and subnetworks into ever smaller blocks along the way. Each router has enough memory to keep track of the addresses it needs to direct and aggregates the rest. This scheme uses memory and address space efficiently. You could take 192.168.8.0/24 and further divide it into 16 networks with 14 hosts each. The 16 networks require four more bits (2^4 = 16), so you'd have 192.168.8.0/28, 192.168.8.16/28, 192.168.8.32/28, and so on to the last subnet of 192.168.8.240/16, which would have the hosts 192.168.8.241 through 192.168.8.254.
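The Table 9-3 computation (AND the address with the mask, then set the host bits to 1) and the subnet splits above (192.25.4.0/24 into eight /27s, 192.168.8.0/24 into sixteen /28s) carried out in code. This is an added example, not from the book; it uses only Python's standard ipaddress module and prints each octet in decimal, hexadecimal and binary so the bitwise step can be checked by eye.

```python
# Added example, not from the book: reproduce the Table 9-3 computation and the
# subnet splits from the text with Python's standard ipaddress module.
import ipaddress


def octets(addr):
    """Return an IPv4 address as three lists of octets: decimal, hex, binary."""
    b = ipaddress.IPv4Address(addr).packed
    return ([str(o) for o in b], [f"{o:02X}" for o in b], [f"{o:08b}" for o in b])


def subnet_computation(host_with_prefix):
    """Table 9-3 by hand: AND the address with the mask to get the subnet
    number, then set every host bit to 1 to get the broadcast address."""
    iface = ipaddress.ip_interface(host_with_prefix)
    addr, mask = int(iface.ip), int(iface.netmask)
    subnet = addr & mask                       # bitwise AND drops the hostid
    broadcast = subnet | (~mask & 0xFFFFFFFF)  # host bits all 1s
    # cross-check the hand computation against the library's answer
    assert subnet == int(iface.network.network_address)
    assert broadcast == int(iface.network.broadcast_address)
    return {"address": octets(addr), "mask": octets(mask),
            "subnet": octets(subnet), "broadcast": octets(broadcast)}


def split_block(block, n_subnets):
    """Divide a CIDR block into n_subnets equal parts (n must be a power of two);
    returns the new prefix length and the network address of each subnet."""
    net = ipaddress.ip_network(block)
    extra_bits = n_subnets.bit_length() - 1
    if n_subnets < 1 or 1 << extra_bits != n_subnets:
        raise ValueError("number of subnets must be a power of two")
    subnets = net.subnets(prefixlen_diff=extra_bits)
    return net.prefixlen + extra_bits, [str(s.network_address) for s in subnets]


def usable_hosts(block):
    """First and last host address of a block (network and broadcast excluded)."""
    hosts = list(ipaddress.ip_network(block).hosts())
    return str(hosts[0]), str(hosts[-1])


if __name__ == "__main__":
    for name, (dec, hx, bn) in subnet_computation("131.204.27.27/24").items():
        print(f"{name:10} {'.'.join(dec):16} {' '.join(hx):12} {' '.join(bn)}")
    prefix, nets = split_block("192.25.4.0/24", 8)      # eight /27 networks
    print(f"/{prefix}:", ", ".join(nets))
    prefix, nets = split_block("192.168.8.0/24", 16)    # sixteen /28 networks
    print(f"last /{prefix} subnet {nets[-1]} hosts:", usable_hosts(f"{nets[-1]}/{prefix}"))
```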

Hostnames

People generally find it easier to work with symbolic names than with numbers, and GNU/Linux provides several ways to associate hostnames with IP addresses. The oldest method is to consult a list of names and addresses that are stored in the /etc/hosts file:

The address 127.0.0.1 is reserved for the special hostname localhost, which serves as a hook for the system's networking software to operate on the local machine without going out onto a physical network. The names of the other systems are shown in two forms: in a fully qualified domain name (FQDN) format that is meant to be unique and as a nickname that is unique locally but usually not unique over all the systems attached to the Internet.

As more hosts joined networks, storing these name-to-address mappings in a regular text file proved to be inefficient and inconvenient. The file grew ever larger and impossible to keep up-to-date. GNU/Linux supports NIS (Network Information Service, page 390) and NIS+, which were developed for use on Sun computers. Each of these network services stores information in a database. These solutions make it easier to find a specific address but are useful only for host information within a single administrative domain. Hosts outside the domain cannot access the information.

The solution is DNS (Domain Name Service, page 388). DNS effectively addresses the efficiency and update issues by arranging the entire network naming space as a hierarchy. Each domain in the DNS manages its own name space (addressing and name resolution), and each domain can easily query for any host or IP address by following the tree up or down the name space until the appropriate domain is found. By providing a hierarchical naming structure, DNS distributes name administration across the entire Internet.

IPv6

The explosive growth of the Internet has uncovered deficiencies in the design of the current address plan, most notably lack of addresses. Over the next few years, a revised protocol, named IPng (IP Next Generation), or IPv6 (IP version 6),[13] will be phased in (it may take longer; the phase-in is going quite slowly). This new scheme is designed to overcome the major limitations of the current approach and can be phased in gradually because it is compatible with the existing address usage. IPv6 makes it possible to assign many more unique Internet addresses (2^128, or 340 undecillion [10^36]) and offers support for security and performance control features.

IPv6

Enables autoconfiguration. With IPv4 autoconfiguration is available via optional DHCP. With IPv6 autoconfiguration is mandatory, making it easy for hosts to configure their IP addresses automatically.

Provides a simplified packet header that allows hardware accelerators to work better.

A sample IPv6 address is fe80::a00:20ff:feff:5be2/10. Each group of four hexadecimal digits is equivalent to a number between 0 and 65536 (16^4). A pair of adjacent colons indicates a hex value of 0x0000, and leading 0s need not be shown. With eight sets of hexadecimal groupings, you have 65,536^8 = 2^128 possible addresses. In an IPv6 address on a host with the default autoconfiguration, the first characters in the address are always fe80. The last 64 bits hold an interface ID designation which is often the MAC address (page 1478) of the Ethernet controller on the system.
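The sample address above, expanded and taken apart. This is an added example, not from the book: it restores the groups hidden by "::" and shows how the interface ID is built from a 48-bit MAC by the modified EUI-64 rule (RFC 4291: split the MAC, insert ff:fe, flip the universal/local bit), which is how 08:00:20:ff:5b:e2 becomes a00:20ff:feff:5be2. The MAC value is assumed from the sample address; only the standard ipaddress module is used.

```python
# Added example, not from the book: expand the sample address and show how a
# 48-bit MAC becomes the 64-bit interface ID (modified EUI-64, RFC 4291).
import ipaddress


def expand(addr):
    """Write out all eight groups, restoring the 0000 groups hidden by '::'."""
    return ipaddress.IPv6Address(addr).exploded


def mac_to_interface_id(mac):
    """Modified EUI-64: split the MAC in half, insert ff:fe in the middle and
    flip the universal/local bit (bit 1 of the first byte)."""
    b = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(b) != 6:
        raise ValueError("expected a 48-bit MAC address")
    eui = bytes([b[0] ^ 0x02]) + b[1:3] + b"\xff\xfe" + b[3:]
    # four 16-bit groups, leading zeros dropped as in the book's sample address
    return ":".join(f"{(eui[i] << 8) | eui[i + 1]:x}" for i in range(0, 8, 2))


def link_local_from_mac(mac):
    """Default autoconfiguration: fe80::/64 prefix plus the EUI-64 interface ID."""
    return ipaddress.IPv6Address("fe80::" + mac_to_interface_id(mac)).compressed


def interface_id_to_mac(addr):
    """Undo the mapping; None when the low 64 bits were not built from a MAC."""
    low = ipaddress.IPv6Address(addr).packed[8:]
    if low[3:5] != b"\xff\xfe":
        return None
    mac = bytes([low[0] ^ 0x02]) + low[1:3] + low[5:]
    return ":".join(f"{x:02x}" for x in mac)


if __name__ == "__main__":
    sample = "fe80::a00:20ff:feff:5be2"          # the book's sample, without /10
    print(expand(sample))                         # fe80:0000:0000:0000:0a00:20ff:feff:5be2
    print(interface_id_to_mac(sample))            # 08:00:20:ff:5b:e2
    print(link_local_from_mac("08:00:20:ff:5b:e2"))
```

Because the MAC can be read straight back out of such an address, the address identifies the same hardware on every network it joins; current systems therefore default to random interface IDs (RFC 4941 privacy extensions) rather than EUI-64.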